To get the full details, please check in the job output.
shellcheck errors
```
'shellcheck -e SC1004' returned error 1 finding the following syntactical issues:
----------
In monitoring/bin/deploy_monitoring_cluster.sh line 6:
cd "$(dirname $BASH_SOURCE)/../.."
^----------^ SC2128 (warning): Expanding an array without an index only gives the first element.
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
cd "$(dirname "$BASH_SOURCE")/../.."
In monitoring/bin/deploy_monitoring_cluster.sh line 7:
source monitoring/bin/common.sh
^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 8:
source bin/service-url-include.sh
^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 18:
source bin/tls-include.sh
^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 19:
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then
In monitoring/bin/deploy_monitoring_cluster.sh line 20:
log_debug "cert generator check OK [$cert_generator_ok]"
^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 22:
log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
^-------------^ SC2154 (warning): cert_generator is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 26:
helm2ReleaseCheck v4m-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck v4m-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 27:
helm2ReleaseCheck prometheus-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck prometheus-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 43:
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then
In monitoring/bin/deploy_monitoring_cluster.sh line 44:
kubectl create ns $MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create ns "$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 47:
disable_sa_token_automount $MON_NS default
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" default
In monitoring/bin/deploy_monitoring_cluster.sh line 52:
generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 100:
if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then
In monitoring/bin/deploy_monitoring_cluster.sh line 101:
kubectl replace -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl replace -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 103:
kubectl create -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 111:
kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 129:
create_tls_certs $MON_NS monitoring ${apps[@]}
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.
Did you mean:
create_tls_certs "$MON_NS" monitoring ${apps[@]}
In monitoring/bin/deploy_monitoring_cluster.sh line 139:
kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https
In monitoring/bin/deploy_monitoring_cluster.sh line 140:
kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
In monitoring/bin/deploy_monitoring_cluster.sh line 141:
kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 145:
kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 147:
kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 148:
kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 160:
if helm3ReleaseExists prometheus-operator $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists prometheus-operator "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 169:
if helm3ReleaseExists $promRelease $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists $promRelease "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 183:
kubectl delete -n $MON_NS --ignore-not-found \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete -n "$MON_NS" --ignore-not-found \
In monitoring/bin/deploy_monitoring_cluster.sh line 202:
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 203:
versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 206:
helm $helmDebug upgrade --install $promRelease \
^--------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm "$helmDebug" upgrade --install $promRelease \
In monitoring/bin/deploy_monitoring_cluster.sh line 207:
--namespace $MON_NS \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
--namespace "$MON_NS" \
In monitoring/bin/deploy_monitoring_cluster.sh line 208:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 210:
-f $istioValuesFile \
^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$istioValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 211:
-f $tlsValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tlsValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 212:
-f $tlsPromAlertingEndpointFile \
^--------------------------^ SC2154 (warning): tlsPromAlertingEndpointFile is referenced but not assigned.
^--------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tlsPromAlertingEndpointFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 213:
-f $nodePortValuesFile \
^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$nodePortValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 214:
-f $wnpValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$wnpValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 215:
-f $PROM_OPER_USER_YAML \
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$PROM_OPER_USER_YAML" \
In monitoring/bin/deploy_monitoring_cluster.sh line 216:
-f $tempoDSFile \
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tempoDSFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 227:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 228:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 233:
disable_sa_token_automount $MON_NS v4m-grafana
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-grafana
In monitoring/bin/deploy_monitoring_cluster.sh line 234:
disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus
In monitoring/bin/deploy_monitoring_cluster.sh line 235:
disable_sa_token_automount $MON_NS v4m-node-exporter
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-node-exporter
In monitoring/bin/deploy_monitoring_cluster.sh line 236:
disable_sa_token_automount $MON_NS v4m-alertmanager
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-alertmanager
In monitoring/bin/deploy_monitoring_cluster.sh line 239:
disable_sa_token_automount $MON_NS v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 240:
enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 241:
disable_sa_token_automount $MON_NS v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 242:
enable_pod_token_automount $MON_NS deployment v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 259:
chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 260:
versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 266:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 269:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 270:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 275:
kubectl get ns $NGINX_NS 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl get ns "$NGINX_NS" 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 276:
if [ $? == 0 ]; then
^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
In monitoring/bin/deploy_monitoring_cluster.sh line 283:
kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 287:
kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 290:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 293:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 294:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 299:
kubectl apply -n $MON_NS -f $f
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-- SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f "$f"
In monitoring/bin/deploy_monitoring_cluster.sh line 328:
gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE")
In monitoring/bin/deploy_monitoring_cluster.sh line 334:
if helm3ReleaseExists v4m $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists v4m "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 346:
if [ ! -z "$gf_url" ]; then
^-- SC2236 (style): Use -n instead of ! -z.
For more information:
https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind...
https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ...
----------
You can address the above issues in one of three ways:
1. Manually correct the issue in the offending shell script;
2. Disable specific issues by adding the comment:
# shellcheck disable=NNNN
above the line that contains the issue, where NNNN is the error code;
3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file.
```
shfmt errors
```
'shfmt -s' returned error 1 finding the following formatting issues:
----------
--- monitoring/bin/deploy_monitoring_cluster.sh.orig
+++ monitoring/bin/deploy_monitoring_cluster.sh
@@ -8,19 +8,19 @@
source bin/service-url-include.sh
if [ "$OPENSHIFT_CLUSTER" == "true" ]; then
- if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
- log_error "This script should not be run on OpenShift clusters"
- log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
- exit 1
- fi
+ if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
+ log_error "This script should not be run on OpenShift clusters"
+ log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
+ exit 1
+ fi
fi
source bin/tls-include.sh
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
- log_debug "cert generator check OK [$cert_generator_ok]"
+ log_debug "cert generator check OK [$cert_generator_ok]"
else
- log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
- exit 1
+ log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
+ exit 1
fi
helm2ReleaseCheck v4m-$MON_NS
@@ -32,33 +32,32 @@
PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}"
if [ ! -f "$PROM_OPER_USER_YAML" ]; then
- log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
+ log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
fi
if [ "$HELM_DEBUG" == "true" ]; then
- helmDebug="--debug"
+ helmDebug="--debug"
fi
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
- kubectl create ns $MON_NS
+ kubectl create ns $MON_NS
- #Container Security: Disable serviceAccount Token Automounting
- disable_sa_token_automount $MON_NS default
+ #Container Security: Disable serviceAccount Token Automounting
+ disable_sa_token_automount $MON_NS default
fi
#Generate yaml file with all container-related keys
-generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
-generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
-generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
-generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
-generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
-generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
-generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
-generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
-generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
+generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
+generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
+generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
+generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
+generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
+generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
+generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
+generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
+generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
-
set -e
log_notice "Deploying monitoring to the [$MON_NS] namespace..."
@@ -68,43 +67,43 @@
istioValuesFile=$TMP_DIR/empty.yaml
# Istio - Federate data from Istio's Prometheus instance
if [ "$ISTIO_ENABLED" == "true" ]; then
- log_verbose "Including Istio metric federation"
- istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
+ log_verbose "Including Istio metric federation"
+ istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
else
- log_debug "ISTIO_ENABLED flag not set"
- log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
+ log_debug "ISTIO_ENABLED flag not set"
+ log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
fi
# Check if Prometheus Operator CRDs are already installed
PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true}
if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then
- log_verbose "Updating Prometheus Operator custom resource definitions"
- crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes )
- for crd in "${crds[@]}"; do
-
- ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
- if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
- crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
+ log_verbose "Updating Prometheus Operator custom resource definitions"
+ crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes)
+ for crd in "${crds[@]}"; do
- ## Fail if the CRDs could not be located.
- if [ ! -f "$crdURL" ]; then
- log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
- log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
- log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
- exit 1
- fi
- else
- crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
- fi
+ ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
+ if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
+ crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
- if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
- kubectl replace -f $crdURL
- else
- kubectl create -f $crdURL
- fi
- done
+ ## Fail if the CRDs could not be located.
+ if [ ! -f "$crdURL" ]; then
+ log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
+ log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
+ log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
+ exit 1
+ fi
+ else
+ crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
+ fi
+
+ if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
+ kubectl replace -f $crdURL
+ else
+ kubectl create -f $crdURL
+ fi
+ done
else
- log_debug "Prometheus Operator CRD update disabled"
+ log_debug "Prometheus Operator CRD update disabled"
fi
# Remove existing DaemonSets in case of an upgrade-in-place
@@ -113,11 +112,11 @@
# Optional workload node placement support
MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}}
if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then
- log_verbose "Enabling monitoring components for workload node placement"
- wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
+ log_verbose "Enabling monitoring components for workload node placement"
+ wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
else
- log_debug "Workload node placement support is disabled"
- wnpValuesFile="$TMP_DIR/empty.yaml"
+ log_debug "Workload node placement support is disabled"
+ wnpValuesFile="$TMP_DIR/empty.yaml"
fi
# Optional TLS Support
@@ -125,113 +124,113 @@
serviceMonitorEndpointScheme="http"
if [ "$TLS_ENABLE" == "true" ]; then
- apps=( prometheus alertmanager grafana )
- create_tls_certs $MON_NS monitoring ${apps[@]}
+ apps=(prometheus alertmanager grafana)
+ create_tls_certs $MON_NS monitoring ${apps[@]}
- tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
- log_debug "Including TLS response file $tlsValuesFile"
+ tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
+ log_debug "Including TLS response file $tlsValuesFile"
- log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
- grafanaDS=grafana-datasource-prom-https.yaml
- if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
- grafanaDS=grafana-datasource-prom-https-path.yaml
- fi
- kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
- kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
- kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
+ log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
+ grafanaDS=grafana-datasource-prom-https.yaml
+ if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
+ grafanaDS=grafana-datasource-prom-https-path.yaml
+ fi
+ kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
+ kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
+ kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
- # node-exporter TLS
- log_verbose "Enabling Prometheus node-exporter for TLS"
- kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
- sleep 1
- kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
- kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
+ # node-exporter TLS
+ log_verbose "Enabling Prometheus node-exporter for TLS"
+ kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
+ sleep 1
+ kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
+ kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
- serviceMonitorEndpointScheme="https"
+ serviceMonitorEndpointScheme="https"
fi
nodePortValuesFile=$TMP_DIR/empty.yaml
PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false}
if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then
- log_debug "Enabling NodePort access for Prometheus and Alertmanager"
- nodePortValuesFile=monitoring/values-prom-nodeport.yaml
+ log_debug "Enabling NodePort access for Prometheus and Alertmanager"
+ nodePortValuesFile=monitoring/values-prom-nodeport.yaml
fi
if helm3ReleaseExists prometheus-operator $MON_NS; then
- promRelease=prometheus-operator
- promName=prometheus-operator
+ promRelease=prometheus-operator
+ promName=prometheus-operator
else
- promRelease=v4m-prometheus-operator
- promName=v4m
+ promRelease=v4m-prometheus-operator
+ promName=v4m
fi
log_verbose "User response file: [$PROM_OPER_USER_YAML]"
log_info "Deploying the kube-prometheus stack. This may take a few minutes ..."
if helm3ReleaseExists $promRelease $MON_NS; then
- log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
+ log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
else
- grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
- if [ "$grafanaPwd" == "" ]; then
- log_debug "Generating random Grafana admin password"
- showPass="true"
- grafanaPwd="$(randomPassword)"
- fi
- log_verbose "Installing via Helm ($(date) - timeout 20m)"
+ grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
+ if [ "$grafanaPwd" == "" ]; then
+ log_debug "Generating random Grafana admin password"
+ showPass="true"
+ grafanaPwd="$(randomPassword)"
+ fi
+ log_verbose "Installing via Helm ($(date) - timeout 20m)"
fi
# See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x
-if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then
- kubectl delete -n $MON_NS --ignore-not-found \
- deployments.apps \
- -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
+if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then
+ kubectl delete -n $MON_NS --ignore-not-found \
+ deployments.apps \
+ -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
fi
TRACING_ENABLE="${TRACING_ENABLE:-false}"
if [ "$TRACING_ENABLE" == "false" ]; then
- tempoDSFile=$TMP_DIR/empty.yaml
+ tempoDSFile=$TMP_DIR/empty.yaml
else
- TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
- if [ ! -f "$TEMPO_USER_YAML" ]; then
- log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- TEMPO_USER_YAML=$TMP_DIR/empty.yaml
- fi
- tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
-fi
+ TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
+ if [ ! -f "$TEMPO_USER_YAML" ]; then
+ log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ TEMPO_USER_YAML=$TMP_DIR/empty.yaml
+ fi
+ tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
+fi
# Get Helm Chart Name
log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]"
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
-versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
+versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
log_debug "Installing Helm chart from artifact [$chart2install]"
helm $helmDebug upgrade --install $promRelease \
- --namespace $MON_NS \
- -f $imageKeysFile \
- -f monitoring/values-prom-operator.yaml \
- -f $istioValuesFile \
- -f $tlsValuesFile \
- -f $tlsPromAlertingEndpointFile \
- -f $nodePortValuesFile \
- -f $wnpValuesFile \
- -f $PROM_OPER_USER_YAML \
- -f $tempoDSFile \
- --atomic \
- --timeout 20m \
- --set nameOverride=$promName \
- --set fullnameOverride=$promName \
- --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
- --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
- --set grafana.fullnameOverride=$promName-grafana \
- --set grafana.adminPassword="$grafanaPwd" \
- --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
- --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
- $versionstring \
- $chart2install
+ --namespace $MON_NS \
+ -f $imageKeysFile \
+ -f monitoring/values-prom-operator.yaml \
+ -f $istioValuesFile \
+ -f $tlsValuesFile \
+ -f $tlsPromAlertingEndpointFile \
+ -f $nodePortValuesFile \
+ -f $wnpValuesFile \
+ -f $PROM_OPER_USER_YAML \
+ -f $tempoDSFile \
+ --atomic \
+ --timeout 20m \
+ --set nameOverride=$promName \
+ --set fullnameOverride=$promName \
+ --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
+ --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
+ --set grafana.fullnameOverride=$promName-grafana \
+ --set grafana.adminPassword="$grafanaPwd" \
+ --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
+ --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
+ $versionstring \
+ $chart2install
sleep 2
#Container Security: Disable serviceAccount Token Automounting
disable_sa_token_automount $MON_NS v4m-grafana
-disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
+disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
disable_sa_token_automount $MON_NS v4m-node-exporter
disable_sa_token_automount $MON_NS v4m-alertmanager
@@ -245,42 +244,42 @@
log_verbose "Deploying cluster ServiceMonitors"
if [ "$TRACING_ENABLE" == "true" ]; then
- log_info "Tracing enabled..."
+ log_info "Tracing enabled..."
- #Generate yaml file with all container-related keys
- generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
+ #Generate yaml file with all container-related keys
+ generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
- # Add the grafana helm chart repo
- helmRepoAdd grafana https://grafana.github.io/helm-charts
- helm repo update
+ # Add the grafana helm chart repo
+ helmRepoAdd grafana https://grafana.github.io/helm-charts
+ helm repo update
- # Get Helm Chart Name
- log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
- chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
- versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
- log_debug "Installing Helm chart from artifact [$chart2install]"
+ # Get Helm Chart Name
+ log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
+ chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
+ versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
+ log_debug "Installing Helm chart from artifact [$chart2install]"
- log_info "Installing tempo"
- helm upgrade --install v4m-tempo \
- -n "$MON_NS" \
- -f $imageKeysFile \
- -f monitoring/values-tempo.yaml \
- -f "$TEMPO_USER_YAML" \
- $versionstring \
- $chart2install
+ log_info "Installing tempo"
+ helm upgrade --install v4m-tempo \
+ -n "$MON_NS" \
+ -f $imageKeysFile \
+ -f monitoring/values-tempo.yaml \
+ -f "$TEMPO_USER_YAML" \
+ $versionstring \
+ $chart2install
fi
# NGINX
set +e
kubectl get ns $NGINX_NS 2>/dev/null
if [ $? == 0 ]; then
- nginxFound=true
+ nginxFound=true
fi
set -e
if [ "$nginxFound" == "true" ]; then
- log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
- kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
+ log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
+ kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
fi
# Eventrouter ServiceMonitor
@@ -296,25 +295,25 @@
# Rules
log_verbose "Adding Prometheus recording rules"
for f in monitoring/rules/viya/rules-*.yaml; do
- kubectl apply -n $MON_NS -f $f
+ kubectl apply -n $MON_NS -f $f
done
# Elasticsearch Datasource for Grafana
LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}"
if [ "$LOGGING_DATASOURCE" == "true" ]; then
- set +e
- log_debug "Creating the logging data source using the create_logging_datasource script"
- monitoring/bin/create_logging_datasource.sh
+ set +e
+ log_debug "Creating the logging data source using the create_logging_datasource script"
+ monitoring/bin/create_logging_datasource.sh
- if (( $? == 1 )); then
- log_warn "Unable to configure the logging data source at this time."
- log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
- log_warn "monitoring/bin/create_logging_datasource.sh"
- fi
- set -e
+ if (($? == 1)); then
+ log_warn "Unable to configure the logging data source at this time."
+ log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
+ log_warn "monitoring/bin/create_logging_datasource.sh"
+ fi
+ set -e
else
- log_debug "LOGGING_DATASOURCE not set"
- log_debug "Skipping creation of logging data source for Grafana"
+ log_debug "LOGGING_DATASOURCE not set"
+ log_debug "Skipping creation of logging data source for Grafana"
fi
echo ""
@@ -325,32 +324,32 @@
get_ingress_ports
# get URLs for Grafana, Prometheus and AlertManager
-gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
+gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
# pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE")
# am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE")
set -e
# If a deployment with the old name exists, remove it first
if helm3ReleaseExists v4m $MON_NS; then
- log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
- helm uninstall -n "$MON_NS" "v4m"
+ log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
+ helm uninstall -n "$MON_NS" "v4m"
fi
if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then
- log_warn "Unable to update SAS Viya Monitoring Helm chart release"
+ log_warn "Unable to update SAS Viya Monitoring Helm chart release"
fi
# Print URL to access web apps
log_notice ""
log_notice "GRAFANA: "
if [ ! -z "$gf_url" ]; then
- log_notice " $gf_url"
+ log_notice " $gf_url"
else
- log_notice " It was not possible to determine the URL needed to access Grafana. Note "
- log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
- log_notice " ingress or network access configuration that this script does not handle."
+ log_notice " It was not possible to determine the URL needed to access Grafana. Note "
+ log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
+ log_notice " ingress or network access configuration that this script does not handle."
fi
- log_notice ""
+log_notice ""
#log_notice ""
#log_notice "================================================================================"
@@ -373,14 +372,12 @@
#log_notice ""
if [ "$showPass" == "true" ]; then
- # Find the grafana pod
-
- log_notice " Generated Grafana admin password is: $grafanaPwd"
- log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
- log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
+ # Find the grafana pod
+
+ log_notice " Generated Grafana admin password is: $grafanaPwd"
+ log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
+ log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
fi
log_message ""
log_notice " Successfully deployed components to the [$MON_NS] namespace"
-
-
----------
You can reformat the above files to meet shfmt's requirements by typing:
shfmt -s -w filename
```
To get the full details, please check in the job output.
shellcheck errors
```
'shellcheck -e SC1004' returned error 1 finding the following syntactical issues:
----------
In monitoring/bin/deploy_monitoring_cluster.sh line 6:
cd "$(dirname $BASH_SOURCE)/../.."
^----------^ SC2128 (warning): Expanding an array without an index only gives the first element.
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
cd "$(dirname "$BASH_SOURCE")/../.."
In monitoring/bin/deploy_monitoring_cluster.sh line 7:
source monitoring/bin/common.sh
^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 8:
source bin/service-url-include.sh
^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 18:
source bin/tls-include.sh
^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 19:
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then
In monitoring/bin/deploy_monitoring_cluster.sh line 20:
log_debug "cert generator check OK [$cert_generator_ok]"
^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 22:
log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
^-------------^ SC2154 (warning): cert_generator is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 26:
helm2ReleaseCheck v4m-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck v4m-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 27:
helm2ReleaseCheck prometheus-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck prometheus-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 43:
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then
In monitoring/bin/deploy_monitoring_cluster.sh line 44:
kubectl create ns $MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create ns "$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 47:
disable_sa_token_automount $MON_NS default
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" default
In monitoring/bin/deploy_monitoring_cluster.sh line 52:
generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 100:
if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then
In monitoring/bin/deploy_monitoring_cluster.sh line 101:
kubectl replace -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl replace -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 103:
kubectl create -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 111:
kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 129:
create_tls_certs $MON_NS monitoring ${apps[@]}
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.
Did you mean:
create_tls_certs "$MON_NS" monitoring ${apps[@]}
In monitoring/bin/deploy_monitoring_cluster.sh line 139:
kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https
In monitoring/bin/deploy_monitoring_cluster.sh line 140:
kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
In monitoring/bin/deploy_monitoring_cluster.sh line 141:
kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 145:
kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 147:
kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 148:
kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 160:
if helm3ReleaseExists prometheus-operator $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists prometheus-operator "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 169:
if helm3ReleaseExists $promRelease $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists $promRelease "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 183:
kubectl delete -n $MON_NS --ignore-not-found \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete -n "$MON_NS" --ignore-not-found \
In monitoring/bin/deploy_monitoring_cluster.sh line 202:
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 203:
versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 206:
helm $helmDebug upgrade --install $promRelease \
^--------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm "$helmDebug" upgrade --install $promRelease \
In monitoring/bin/deploy_monitoring_cluster.sh line 207:
--namespace $MON_NS \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
--namespace "$MON_NS" \
In monitoring/bin/deploy_monitoring_cluster.sh line 208:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 210:
-f $istioValuesFile \
^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$istioValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 211:
-f $tlsValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tlsValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 212:
-f $nodePortValuesFile \
^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$nodePortValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 213:
-f $wnpValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$wnpValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 214:
-f $PROM_OPER_USER_YAML \
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$PROM_OPER_USER_YAML" \
In monitoring/bin/deploy_monitoring_cluster.sh line 215:
-f $tempoDSFile \
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tempoDSFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 226:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 227:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 232:
disable_sa_token_automount $MON_NS v4m-grafana
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-grafana
In monitoring/bin/deploy_monitoring_cluster.sh line 233:
disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus
In monitoring/bin/deploy_monitoring_cluster.sh line 234:
disable_sa_token_automount $MON_NS v4m-node-exporter
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-node-exporter
In monitoring/bin/deploy_monitoring_cluster.sh line 235:
disable_sa_token_automount $MON_NS v4m-alertmanager
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-alertmanager
In monitoring/bin/deploy_monitoring_cluster.sh line 238:
disable_sa_token_automount $MON_NS v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 239:
enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 240:
disable_sa_token_automount $MON_NS v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 241:
enable_pod_token_automount $MON_NS deployment v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 258:
chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 259:
versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 265:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 268:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 269:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 274:
kubectl get ns $NGINX_NS 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl get ns "$NGINX_NS" 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 275:
if [ $? == 0 ]; then
^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
In monitoring/bin/deploy_monitoring_cluster.sh line 282:
kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 286:
kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 289:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 292:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 293:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 298:
kubectl apply -n $MON_NS -f $f
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-- SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f "$f"
In monitoring/bin/deploy_monitoring_cluster.sh line 327:
gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE")
In monitoring/bin/deploy_monitoring_cluster.sh line 333:
if helm3ReleaseExists v4m $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists v4m "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 345:
if [ ! -z "$gf_url" ]; then
^-- SC2236 (style): Use -n instead of ! -z.
For more information:
https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind...
https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ...
----------
You can address the above issues in one of three ways:
1. Manually correct the issue in the offending shell script;
2. Disable specific issues by adding the comment:
# shellcheck disable=NNNN
above the line that contains the issue, where NNNN is the error code;
3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file.
```
shfmt errors
```
'shfmt -s' returned error 1 finding the following formatting issues:
----------
--- monitoring/bin/deploy_monitoring_cluster.sh.orig
+++ monitoring/bin/deploy_monitoring_cluster.sh
@@ -8,19 +8,19 @@
source bin/service-url-include.sh
if [ "$OPENSHIFT_CLUSTER" == "true" ]; then
- if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
- log_error "This script should not be run on OpenShift clusters"
- log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
- exit 1
- fi
+ if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
+ log_error "This script should not be run on OpenShift clusters"
+ log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
+ exit 1
+ fi
fi
source bin/tls-include.sh
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
- log_debug "cert generator check OK [$cert_generator_ok]"
+ log_debug "cert generator check OK [$cert_generator_ok]"
else
- log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
- exit 1
+ log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
+ exit 1
fi
helm2ReleaseCheck v4m-$MON_NS
@@ -32,33 +32,32 @@
PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}"
if [ ! -f "$PROM_OPER_USER_YAML" ]; then
- log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
+ log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
fi
if [ "$HELM_DEBUG" == "true" ]; then
- helmDebug="--debug"
+ helmDebug="--debug"
fi
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
- kubectl create ns $MON_NS
+ kubectl create ns $MON_NS
- #Container Security: Disable serviceAccount Token Automounting
- disable_sa_token_automount $MON_NS default
+ #Container Security: Disable serviceAccount Token Automounting
+ disable_sa_token_automount $MON_NS default
fi
#Generate yaml file with all container-related keys
-generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
-generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
-generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
-generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
-generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
-generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
-generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
-generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
-generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
+generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
+generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
+generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
+generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
+generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
+generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
+generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
+generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
+generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
-
set -e
log_notice "Deploying monitoring to the [$MON_NS] namespace..."
@@ -68,43 +67,43 @@
istioValuesFile=$TMP_DIR/empty.yaml
# Istio - Federate data from Istio's Prometheus instance
if [ "$ISTIO_ENABLED" == "true" ]; then
- log_verbose "Including Istio metric federation"
- istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
+ log_verbose "Including Istio metric federation"
+ istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
else
- log_debug "ISTIO_ENABLED flag not set"
- log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
+ log_debug "ISTIO_ENABLED flag not set"
+ log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
fi
# Check if Prometheus Operator CRDs are already installed
PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true}
if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then
- log_verbose "Updating Prometheus Operator custom resource definitions"
- crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes )
- for crd in "${crds[@]}"; do
-
- ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
- if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
- crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
+ log_verbose "Updating Prometheus Operator custom resource definitions"
+ crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes)
+ for crd in "${crds[@]}"; do
- ## Fail if the CRDs could not be located.
- if [ ! -f "$crdURL" ]; then
- log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
- log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
- log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
- exit 1
- fi
- else
- crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
- fi
+ ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
+ if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
+ crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
- if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
- kubectl replace -f $crdURL
- else
- kubectl create -f $crdURL
- fi
- done
+ ## Fail if the CRDs could not be located.
+ if [ ! -f "$crdURL" ]; then
+ log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
+ log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
+ log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
+ exit 1
+ fi
+ else
+ crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
+ fi
+
+ if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
+ kubectl replace -f $crdURL
+ else
+ kubectl create -f $crdURL
+ fi
+ done
else
- log_debug "Prometheus Operator CRD update disabled"
+ log_debug "Prometheus Operator CRD update disabled"
fi
# Remove existing DaemonSets in case of an upgrade-in-place
@@ -113,11 +112,11 @@
# Optional workload node placement support
MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}}
if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then
- log_verbose "Enabling monitoring components for workload node placement"
- wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
+ log_verbose "Enabling monitoring components for workload node placement"
+ wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
else
- log_debug "Workload node placement support is disabled"
- wnpValuesFile="$TMP_DIR/empty.yaml"
+ log_debug "Workload node placement support is disabled"
+ wnpValuesFile="$TMP_DIR/empty.yaml"
fi
# Optional TLS Support
@@ -125,112 +124,112 @@
serviceMonitorEndpointScheme="http"
if [ "$TLS_ENABLE" == "true" ]; then
- apps=( prometheus alertmanager grafana )
- create_tls_certs $MON_NS monitoring ${apps[@]}
+ apps=(prometheus alertmanager grafana)
+ create_tls_certs $MON_NS monitoring ${apps[@]}
- tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
- log_debug "Including TLS response file $tlsValuesFile"
+ tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
+ log_debug "Including TLS response file $tlsValuesFile"
- log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
- grafanaDS=grafana-datasource-prom-https.yaml
- if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
- grafanaDS=grafana-datasource-prom-https-path.yaml
- fi
- kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
- kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
- kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
+ log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
+ grafanaDS=grafana-datasource-prom-https.yaml
+ if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
+ grafanaDS=grafana-datasource-prom-https-path.yaml
+ fi
+ kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
+ kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
+ kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
- # node-exporter TLS
- log_verbose "Enabling Prometheus node-exporter for TLS"
- kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
- sleep 1
- kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
- kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
+ # node-exporter TLS
+ log_verbose "Enabling Prometheus node-exporter for TLS"
+ kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
+ sleep 1
+ kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
+ kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
- serviceMonitorEndpointScheme="https"
+ serviceMonitorEndpointScheme="https"
fi
nodePortValuesFile=$TMP_DIR/empty.yaml
PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false}
if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then
- log_debug "Enabling NodePort access for Prometheus and Alertmanager"
- nodePortValuesFile=monitoring/values-prom-nodeport.yaml
+ log_debug "Enabling NodePort access for Prometheus and Alertmanager"
+ nodePortValuesFile=monitoring/values-prom-nodeport.yaml
fi
if helm3ReleaseExists prometheus-operator $MON_NS; then
- promRelease=prometheus-operator
- promName=prometheus-operator
+ promRelease=prometheus-operator
+ promName=prometheus-operator
else
- promRelease=v4m-prometheus-operator
- promName=v4m
+ promRelease=v4m-prometheus-operator
+ promName=v4m
fi
log_verbose "User response file: [$PROM_OPER_USER_YAML]"
log_info "Deploying the kube-prometheus stack. This may take a few minutes ..."
if helm3ReleaseExists $promRelease $MON_NS; then
- log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
+ log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
else
- grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
- if [ "$grafanaPwd" == "" ]; then
- log_debug "Generating random Grafana admin password"
- showPass="true"
- grafanaPwd="$(randomPassword)"
- fi
- log_verbose "Installing via Helm ($(date) - timeout 20m)"
+ grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
+ if [ "$grafanaPwd" == "" ]; then
+ log_debug "Generating random Grafana admin password"
+ showPass="true"
+ grafanaPwd="$(randomPassword)"
+ fi
+ log_verbose "Installing via Helm ($(date) - timeout 20m)"
fi
# See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x
-if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then
- kubectl delete -n $MON_NS --ignore-not-found \
- deployments.apps \
- -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
+if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then
+ kubectl delete -n $MON_NS --ignore-not-found \
+ deployments.apps \
+ -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
fi
TRACING_ENABLE="${TRACING_ENABLE:-false}"
if [ "$TRACING_ENABLE" == "false" ]; then
- tempoDSFile=$TMP_DIR/empty.yaml
+ tempoDSFile=$TMP_DIR/empty.yaml
else
- TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
- if [ ! -f "$TEMPO_USER_YAML" ]; then
- log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- TEMPO_USER_YAML=$TMP_DIR/empty.yaml
- fi
- tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
-fi
+ TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
+ if [ ! -f "$TEMPO_USER_YAML" ]; then
+ log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ TEMPO_USER_YAML=$TMP_DIR/empty.yaml
+ fi
+ tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
+fi
# Get Helm Chart Name
log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]"
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
-versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
+versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
log_debug "Installing Helm chart from artifact [$chart2install]"
helm $helmDebug upgrade --install $promRelease \
- --namespace $MON_NS \
- -f $imageKeysFile \
- -f monitoring/values-prom-operator.yaml \
- -f $istioValuesFile \
- -f $tlsValuesFile \
- -f $nodePortValuesFile \
- -f $wnpValuesFile \
- -f $PROM_OPER_USER_YAML \
- -f $tempoDSFile \
- --atomic \
- --timeout 20m \
- --set nameOverride=$promName \
- --set fullnameOverride=$promName \
- --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
- --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
- --set grafana.fullnameOverride=$promName-grafana \
- --set grafana.adminPassword="$grafanaPwd" \
- --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
- --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
- $versionstring \
- $chart2install
+ --namespace $MON_NS \
+ -f $imageKeysFile \
+ -f monitoring/values-prom-operator.yaml \
+ -f $istioValuesFile \
+ -f $tlsValuesFile \
+ -f $nodePortValuesFile \
+ -f $wnpValuesFile \
+ -f $PROM_OPER_USER_YAML \
+ -f $tempoDSFile \
+ --atomic \
+ --timeout 20m \
+ --set nameOverride=$promName \
+ --set fullnameOverride=$promName \
+ --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
+ --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
+ --set grafana.fullnameOverride=$promName-grafana \
+ --set grafana.adminPassword="$grafanaPwd" \
+ --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
+ --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
+ $versionstring \
+ $chart2install
sleep 2
#Container Security: Disable serviceAccount Token Automounting
disable_sa_token_automount $MON_NS v4m-grafana
-disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
+disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
disable_sa_token_automount $MON_NS v4m-node-exporter
disable_sa_token_automount $MON_NS v4m-alertmanager
@@ -244,42 +243,42 @@
log_verbose "Deploying cluster ServiceMonitors"
if [ "$TRACING_ENABLE" == "true" ]; then
- log_info "Tracing enabled..."
+ log_info "Tracing enabled..."
- #Generate yaml file with all container-related keys
- generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
+ #Generate yaml file with all container-related keys
+ generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
- # Add the grafana helm chart repo
- helmRepoAdd grafana https://grafana.github.io/helm-charts
- helm repo update
+ # Add the grafana helm chart repo
+ helmRepoAdd grafana https://grafana.github.io/helm-charts
+ helm repo update
- # Get Helm Chart Name
- log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
- chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
- versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
- log_debug "Installing Helm chart from artifact [$chart2install]"
+ # Get Helm Chart Name
+ log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
+ chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
+ versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
+ log_debug "Installing Helm chart from artifact [$chart2install]"
- log_info "Installing tempo"
- helm upgrade --install v4m-tempo \
- -n "$MON_NS" \
- -f $imageKeysFile \
- -f monitoring/values-tempo.yaml \
- -f "$TEMPO_USER_YAML" \
- $versionstring \
- $chart2install
+ log_info "Installing tempo"
+ helm upgrade --install v4m-tempo \
+ -n "$MON_NS" \
+ -f $imageKeysFile \
+ -f monitoring/values-tempo.yaml \
+ -f "$TEMPO_USER_YAML" \
+ $versionstring \
+ $chart2install
fi
# NGINX
set +e
kubectl get ns $NGINX_NS 2>/dev/null
if [ $? == 0 ]; then
- nginxFound=true
+ nginxFound=true
fi
set -e
if [ "$nginxFound" == "true" ]; then
- log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
- kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
+ log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
+ kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
fi
# Eventrouter ServiceMonitor
@@ -295,25 +294,25 @@
# Rules
log_verbose "Adding Prometheus recording rules"
for f in monitoring/rules/viya/rules-*.yaml; do
- kubectl apply -n $MON_NS -f $f
+ kubectl apply -n $MON_NS -f $f
done
# Elasticsearch Datasource for Grafana
LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}"
if [ "$LOGGING_DATASOURCE" == "true" ]; then
- set +e
- log_debug "Creating the logging data source using the create_logging_datasource script"
- monitoring/bin/create_logging_datasource.sh
+ set +e
+ log_debug "Creating the logging data source using the create_logging_datasource script"
+ monitoring/bin/create_logging_datasource.sh
- if (( $? == 1 )); then
- log_warn "Unable to configure the logging data source at this time."
- log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
- log_warn "monitoring/bin/create_logging_datasource.sh"
- fi
- set -e
+ if (($? == 1)); then
+ log_warn "Unable to configure the logging data source at this time."
+ log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
+ log_warn "monitoring/bin/create_logging_datasource.sh"
+ fi
+ set -e
else
- log_debug "LOGGING_DATASOURCE not set"
- log_debug "Skipping creation of logging data source for Grafana"
+ log_debug "LOGGING_DATASOURCE not set"
+ log_debug "Skipping creation of logging data source for Grafana"
fi
echo ""
@@ -324,32 +323,32 @@
get_ingress_ports
# get URLs for Grafana, Prometheus and AlertManager
-gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
+gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
# pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE")
# am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE")
set -e
# If a deployment with the old name exists, remove it first
if helm3ReleaseExists v4m $MON_NS; then
- log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
- helm uninstall -n "$MON_NS" "v4m"
+ log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
+ helm uninstall -n "$MON_NS" "v4m"
fi
if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then
- log_warn "Unable to update SAS Viya Monitoring Helm chart release"
+ log_warn "Unable to update SAS Viya Monitoring Helm chart release"
fi
# Print URL to access web apps
log_notice ""
log_notice "GRAFANA: "
if [ ! -z "$gf_url" ]; then
- log_notice " $gf_url"
+ log_notice " $gf_url"
else
- log_notice " It was not possible to determine the URL needed to access Grafana. Note "
- log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
- log_notice " ingress or network access configuration that this script does not handle."
+ log_notice " It was not possible to determine the URL needed to access Grafana. Note "
+ log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
+ log_notice " ingress or network access configuration that this script does not handle."
fi
- log_notice ""
+log_notice ""
#log_notice ""
#log_notice "================================================================================"
@@ -372,14 +371,12 @@
#log_notice ""
if [ "$showPass" == "true" ]; then
- # Find the grafana pod
-
- log_notice " Generated Grafana admin password is: $grafanaPwd"
- log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
- log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
+ # Find the grafana pod
+
+ log_notice " Generated Grafana admin password is: $grafanaPwd"
+ log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
+ log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
fi
log_message ""
log_notice " Successfully deployed components to the [$MON_NS] namespace"
-
-
----------
You can reformat the above files to meet shfmt's requirements by typing:
shfmt -s -w filename
```
sh-checker report
To get the full details, please check in the job output.
shellcheck errors
``` 'shellcheck -e SC1004' returned error 1 finding the following syntactical issues: ---------- In monitoring/bin/deploy_monitoring_cluster.sh line 6: cd "$(dirname $BASH_SOURCE)/../.." ^----------^ SC2128 (warning): Expanding an array without an index only gives the first element. ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: cd "$(dirname "$BASH_SOURCE")/../.." In monitoring/bin/deploy_monitoring_cluster.sh line 7: source monitoring/bin/common.sh ^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 8: source bin/service-url-include.sh ^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 18: source bin/tls-include.sh ^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 19: if verify_cert_generator $MON_NS prometheus alertmanager grafana; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then In monitoring/bin/deploy_monitoring_cluster.sh line 20: log_debug "cert generator check OK [$cert_generator_ok]" ^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 22: log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" ^-------------^ SC2154 (warning): cert_generator is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 26: helm2ReleaseCheck v4m-$MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm2ReleaseCheck v4m-"$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 27: helm2ReleaseCheck prometheus-$MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm2ReleaseCheck prometheus-"$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 43: if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then In monitoring/bin/deploy_monitoring_cluster.sh line 44: kubectl create ns $MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create ns "$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 47: disable_sa_token_automount $MON_NS default ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" default In monitoring/bin/deploy_monitoring_cluster.sh line 52: generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" ^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 100: if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then ^--^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then In monitoring/bin/deploy_monitoring_cluster.sh line 101: kubectl replace -f $crdURL ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl replace -f "$crdURL" In monitoring/bin/deploy_monitoring_cluster.sh line 103: kubectl create -f $crdURL ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create -f "$crdURL" In monitoring/bin/deploy_monitoring_cluster.sh line 111: kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found In monitoring/bin/deploy_monitoring_cluster.sh line 129: create_tls_certs $MON_NS monitoring ${apps[@]} ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. ^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements. Did you mean: create_tls_certs "$MON_NS" monitoring ${apps[@]} In monitoring/bin/deploy_monitoring_cluster.sh line 139: kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https In monitoring/bin/deploy_monitoring_cluster.sh line 140: kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS In monitoring/bin/deploy_monitoring_cluster.sh line 141: kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring In monitoring/bin/deploy_monitoring_cluster.sh line 145: kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found In monitoring/bin/deploy_monitoring_cluster.sh line 147: kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 148: kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring In monitoring/bin/deploy_monitoring_cluster.sh line 160: if helm3ReleaseExists prometheus-operator $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists prometheus-operator "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 169: if helm3ReleaseExists $promRelease $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists $promRelease "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 183: kubectl delete -n $MON_NS --ignore-not-found \ ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete -n "$MON_NS" --ignore-not-found \ In monitoring/bin/deploy_monitoring_cluster.sh line 202: chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)" ^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 203: versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" ^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 206: helm $helmDebug upgrade --install $promRelease \ ^--------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm "$helmDebug" upgrade --install $promRelease \ In monitoring/bin/deploy_monitoring_cluster.sh line 207: --namespace $MON_NS \ ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: --namespace "$MON_NS" \ In monitoring/bin/deploy_monitoring_cluster.sh line 208: -f $imageKeysFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$imageKeysFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 210: -f $istioValuesFile \ ^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$istioValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 211: -f $tlsValuesFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tlsValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 212: -f $tlsPromAlertingEndpointFile \ ^--------------------------^ SC2154 (warning): tlsPromAlertingEndpointFile is referenced but not assigned. ^--------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tlsPromAlertingEndpointFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 213: -f $nodePortValuesFile \ ^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$nodePortValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 214: -f $wnpValuesFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$wnpValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 215: -f $PROM_OPER_USER_YAML \ ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$PROM_OPER_USER_YAML" \ In monitoring/bin/deploy_monitoring_cluster.sh line 216: -f $tempoDSFile \ ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tempoDSFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 227: $versionstring \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$versionstring" \ In monitoring/bin/deploy_monitoring_cluster.sh line 228: $chart2install ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$chart2install" In monitoring/bin/deploy_monitoring_cluster.sh line 233: disable_sa_token_automount $MON_NS v4m-grafana ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-grafana In monitoring/bin/deploy_monitoring_cluster.sh line 234: disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus In monitoring/bin/deploy_monitoring_cluster.sh line 235: disable_sa_token_automount $MON_NS v4m-node-exporter ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-node-exporter In monitoring/bin/deploy_monitoring_cluster.sh line 236: disable_sa_token_automount $MON_NS v4m-alertmanager ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-alertmanager In monitoring/bin/deploy_monitoring_cluster.sh line 239: disable_sa_token_automount $MON_NS v4m-kube-state-metrics ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics In monitoring/bin/deploy_monitoring_cluster.sh line 240: enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics In monitoring/bin/deploy_monitoring_cluster.sh line 241: disable_sa_token_automount $MON_NS v4m-operator ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-operator In monitoring/bin/deploy_monitoring_cluster.sh line 242: enable_pod_token_automount $MON_NS deployment v4m-operator ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: enable_pod_token_automount "$MON_NS" deployment v4m-operator In monitoring/bin/deploy_monitoring_cluster.sh line 259: chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 260: versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 266: -f $imageKeysFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$imageKeysFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 269: $versionstring \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$versionstring" \ In monitoring/bin/deploy_monitoring_cluster.sh line 270: $chart2install ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$chart2install" In monitoring/bin/deploy_monitoring_cluster.sh line 275: kubectl get ns $NGINX_NS 2>/dev/null ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl get ns "$NGINX_NS" 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 276: if [ $? == 0 ]; then ^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?. In monitoring/bin/deploy_monitoring_cluster.sh line 283: kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 287: kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 290: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 293: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 294: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 299: kubectl apply -n $MON_NS -f $f ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. ^-- SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f "$f" In monitoring/bin/deploy_monitoring_cluster.sh line 328: gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE") In monitoring/bin/deploy_monitoring_cluster.sh line 334: if helm3ReleaseExists v4m $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists v4m "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 346: if [ ! -z "$gf_url" ]; then ^-- SC2236 (style): Use -n instead of ! -z. For more information: https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ... https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind... https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ... ---------- You can address the above issues in one of three ways: 1. Manually correct the issue in the offending shell script; 2. Disable specific issues by adding the comment: # shellcheck disable=NNNN above the line that contains the issue, where NNNN is the error code; 3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file. ```shfmt errors
``` 'shfmt -s' returned error 1 finding the following formatting issues: ---------- --- monitoring/bin/deploy_monitoring_cluster.sh.orig +++ monitoring/bin/deploy_monitoring_cluster.sh @@ -8,19 +8,19 @@ source bin/service-url-include.sh if [ "$OPENSHIFT_CLUSTER" == "true" ]; then - if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then - log_error "This script should not be run on OpenShift clusters" - log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead" - exit 1 - fi + if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then + log_error "This script should not be run on OpenShift clusters" + log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead" + exit 1 + fi fi source bin/tls-include.sh if verify_cert_generator $MON_NS prometheus alertmanager grafana; then - log_debug "cert generator check OK [$cert_generator_ok]" + log_debug "cert generator check OK [$cert_generator_ok]" else - log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" - exit 1 + log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" + exit 1 fi helm2ReleaseCheck v4m-$MON_NS @@ -32,33 +32,32 @@ PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}" if [ ! -f "$PROM_OPER_USER_YAML" ]; then - log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml" - PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml + log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml" + PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml fi if [ "$HELM_DEBUG" == "true" ]; then - helmDebug="--debug" + helmDebug="--debug" fi if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then - kubectl create ns $MON_NS + kubectl create ns $MON_NS - #Container Security: Disable serviceAccount Token Automounting - disable_sa_token_automount $MON_NS default + #Container Security: Disable serviceAccount Token Automounting + disable_sa_token_automount $MON_NS default fi #Generate yaml file with all container-related keys -generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template" -generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" -generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_" -generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_" -generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_" -generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_" -generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_" -generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_" -generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_" +generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template" +generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" +generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_" +generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_" +generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_" +generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_" +generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_" +generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_" +generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_" - set -e log_notice "Deploying monitoring to the [$MON_NS] namespace..." @@ -68,43 +67,43 @@ istioValuesFile=$TMP_DIR/empty.yaml # Istio - Federate data from Istio's Prometheus instance if [ "$ISTIO_ENABLED" == "true" ]; then - log_verbose "Including Istio metric federation" - istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml + log_verbose "Including Istio metric federation" + istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml else - log_debug "ISTIO_ENABLED flag not set" - log_debug "Skipping deployment of federated scrape of Istio Prometheus instance" + log_debug "ISTIO_ENABLED flag not set" + log_debug "Skipping deployment of federated scrape of Istio Prometheus instance" fi # Check if Prometheus Operator CRDs are already installed PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true} if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then - log_verbose "Updating Prometheus Operator custom resource definitions" - crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes ) - for crd in "${crds[@]}"; do - - ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR. - if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then - crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml + log_verbose "Updating Prometheus Operator custom resource definitions" + crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes) + for crd in "${crds[@]}"; do - ## Fail if the CRDs could not be located. - if [ ! -f "$crdURL" ]; then - log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in" - log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory" - log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment" - exit 1 - fi - else - crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml" - fi + ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR. + if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then + crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml - if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then - kubectl replace -f $crdURL - else - kubectl create -f $crdURL - fi - done + ## Fail if the CRDs could not be located. + if [ ! -f "$crdURL" ]; then + log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in" + log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory" + log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment" + exit 1 + fi + else + crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml" + fi + + if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then + kubectl replace -f $crdURL + else + kubectl create -f $crdURL + fi + done else - log_debug "Prometheus Operator CRD update disabled" + log_debug "Prometheus Operator CRD update disabled" fi # Remove existing DaemonSets in case of an upgrade-in-place @@ -113,11 +112,11 @@ # Optional workload node placement support MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}} if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then - log_verbose "Enabling monitoring components for workload node placement" - wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml" + log_verbose "Enabling monitoring components for workload node placement" + wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml" else - log_debug "Workload node placement support is disabled" - wnpValuesFile="$TMP_DIR/empty.yaml" + log_debug "Workload node placement support is disabled" + wnpValuesFile="$TMP_DIR/empty.yaml" fi # Optional TLS Support @@ -125,113 +124,113 @@ serviceMonitorEndpointScheme="http" if [ "$TLS_ENABLE" == "true" ]; then - apps=( prometheus alertmanager grafana ) - create_tls_certs $MON_NS monitoring ${apps[@]} + apps=(prometheus alertmanager grafana) + create_tls_certs $MON_NS monitoring ${apps[@]} - tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml - log_debug "Including TLS response file $tlsValuesFile" + tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml + log_debug "Including TLS response file $tlsValuesFile" - log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana" - grafanaDS=grafana-datasource-prom-https.yaml - if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then - grafanaDS=grafana-datasource-prom-https-path.yaml - fi - kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https - kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS - kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring + log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana" + grafanaDS=grafana-datasource-prom-https.yaml + if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then + grafanaDS=grafana-datasource-prom-https-path.yaml + fi + kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https + kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS + kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring - # node-exporter TLS - log_verbose "Enabling Prometheus node-exporter for TLS" - kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found - sleep 1 - kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml - kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring + # node-exporter TLS + log_verbose "Enabling Prometheus node-exporter for TLS" + kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found + sleep 1 + kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml + kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring - serviceMonitorEndpointScheme="https" + serviceMonitorEndpointScheme="https" fi nodePortValuesFile=$TMP_DIR/empty.yaml PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false} if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then - log_debug "Enabling NodePort access for Prometheus and Alertmanager" - nodePortValuesFile=monitoring/values-prom-nodeport.yaml + log_debug "Enabling NodePort access for Prometheus and Alertmanager" + nodePortValuesFile=monitoring/values-prom-nodeport.yaml fi if helm3ReleaseExists prometheus-operator $MON_NS; then - promRelease=prometheus-operator - promName=prometheus-operator + promRelease=prometheus-operator + promName=prometheus-operator else - promRelease=v4m-prometheus-operator - promName=v4m + promRelease=v4m-prometheus-operator + promName=v4m fi log_verbose "User response file: [$PROM_OPER_USER_YAML]" log_info "Deploying the kube-prometheus stack. This may take a few minutes ..." if helm3ReleaseExists $promRelease $MON_NS; then - log_verbose "Upgrading via Helm ($(date) - timeout 20m)" + log_verbose "Upgrading via Helm ($(date) - timeout 20m)" else - grafanaPwd="$GRAFANA_ADMIN_PASSWORD" - if [ "$grafanaPwd" == "" ]; then - log_debug "Generating random Grafana admin password" - showPass="true" - grafanaPwd="$(randomPassword)" - fi - log_verbose "Installing via Helm ($(date) - timeout 20m)" + grafanaPwd="$GRAFANA_ADMIN_PASSWORD" + if [ "$grafanaPwd" == "" ]; then + log_debug "Generating random Grafana admin password" + showPass="true" + grafanaPwd="$(randomPassword)" + fi + log_verbose "Installing via Helm ($(date) - timeout 20m)" fi # See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x -if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then - kubectl delete -n $MON_NS --ignore-not-found \ - deployments.apps \ - -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics +if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then + kubectl delete -n $MON_NS --ignore-not-found \ + deployments.apps \ + -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics fi TRACING_ENABLE="${TRACING_ENABLE:-false}" if [ "$TRACING_ENABLE" == "false" ]; then - tempoDSFile=$TMP_DIR/empty.yaml + tempoDSFile=$TMP_DIR/empty.yaml else - TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}" - if [ ! -f "$TEMPO_USER_YAML" ]; then - log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml" - TEMPO_USER_YAML=$TMP_DIR/empty.yaml - fi - tempoDSFile="monitoring/grafana-datasource-tempo.yaml" -fi + TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}" + if [ ! -f "$TEMPO_USER_YAML" ]; then + log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml" + TEMPO_USER_YAML=$TMP_DIR/empty.yaml + fi + tempoDSFile="monitoring/grafana-datasource-tempo.yaml" +fi # Get Helm Chart Name log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]" chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)" -versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" +versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" log_debug "Installing Helm chart from artifact [$chart2install]" helm $helmDebug upgrade --install $promRelease \ - --namespace $MON_NS \ - -f $imageKeysFile \ - -f monitoring/values-prom-operator.yaml \ - -f $istioValuesFile \ - -f $tlsValuesFile \ - -f $tlsPromAlertingEndpointFile \ - -f $nodePortValuesFile \ - -f $wnpValuesFile \ - -f $PROM_OPER_USER_YAML \ - -f $tempoDSFile \ - --atomic \ - --timeout 20m \ - --set nameOverride=$promName \ - --set fullnameOverride=$promName \ - --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \ - --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \ - --set grafana.fullnameOverride=$promName-grafana \ - --set grafana.adminPassword="$grafanaPwd" \ - --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \ - --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \ - $versionstring \ - $chart2install + --namespace $MON_NS \ + -f $imageKeysFile \ + -f monitoring/values-prom-operator.yaml \ + -f $istioValuesFile \ + -f $tlsValuesFile \ + -f $tlsPromAlertingEndpointFile \ + -f $nodePortValuesFile \ + -f $wnpValuesFile \ + -f $PROM_OPER_USER_YAML \ + -f $tempoDSFile \ + --atomic \ + --timeout 20m \ + --set nameOverride=$promName \ + --set fullnameOverride=$promName \ + --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \ + --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \ + --set grafana.fullnameOverride=$promName-grafana \ + --set grafana.adminPassword="$grafanaPwd" \ + --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \ + --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \ + $versionstring \ + $chart2install sleep 2 #Container Security: Disable serviceAccount Token Automounting disable_sa_token_automount $MON_NS v4m-grafana -disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus +disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus disable_sa_token_automount $MON_NS v4m-node-exporter disable_sa_token_automount $MON_NS v4m-alertmanager @@ -245,42 +244,42 @@ log_verbose "Deploying cluster ServiceMonitors" if [ "$TRACING_ENABLE" == "true" ]; then - log_info "Tracing enabled..." + log_info "Tracing enabled..." - #Generate yaml file with all container-related keys - generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template" + #Generate yaml file with all container-related keys + generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template" - # Add the grafana helm chart repo - helmRepoAdd grafana https://grafana.github.io/helm-charts - helm repo update + # Add the grafana helm chart repo + helmRepoAdd grafana https://grafana.github.io/helm-charts + helm repo update - # Get Helm Chart Name - log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]" - chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" - versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" - log_debug "Installing Helm chart from artifact [$chart2install]" + # Get Helm Chart Name + log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]" + chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" + versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" + log_debug "Installing Helm chart from artifact [$chart2install]" - log_info "Installing tempo" - helm upgrade --install v4m-tempo \ - -n "$MON_NS" \ - -f $imageKeysFile \ - -f monitoring/values-tempo.yaml \ - -f "$TEMPO_USER_YAML" \ - $versionstring \ - $chart2install + log_info "Installing tempo" + helm upgrade --install v4m-tempo \ + -n "$MON_NS" \ + -f $imageKeysFile \ + -f monitoring/values-tempo.yaml \ + -f "$TEMPO_USER_YAML" \ + $versionstring \ + $chart2install fi # NGINX set +e kubectl get ns $NGINX_NS 2>/dev/null if [ $? == 0 ]; then - nginxFound=true + nginxFound=true fi set -e if [ "$nginxFound" == "true" ]; then - log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace" - kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null + log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace" + kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null fi # Eventrouter ServiceMonitor @@ -296,25 +295,25 @@ # Rules log_verbose "Adding Prometheus recording rules" for f in monitoring/rules/viya/rules-*.yaml; do - kubectl apply -n $MON_NS -f $f + kubectl apply -n $MON_NS -f $f done # Elasticsearch Datasource for Grafana LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}" if [ "$LOGGING_DATASOURCE" == "true" ]; then - set +e - log_debug "Creating the logging data source using the create_logging_datasource script" - monitoring/bin/create_logging_datasource.sh + set +e + log_debug "Creating the logging data source using the create_logging_datasource script" + monitoring/bin/create_logging_datasource.sh - if (( $? == 1 )); then - log_warn "Unable to configure the logging data source at this time." - log_warn "Please address the errors and re-run the follow command to create the data source at a later time:" - log_warn "monitoring/bin/create_logging_datasource.sh" - fi - set -e + if (($? == 1)); then + log_warn "Unable to configure the logging data source at this time." + log_warn "Please address the errors and re-run the follow command to create the data source at a later time:" + log_warn "monitoring/bin/create_logging_datasource.sh" + fi + set -e else - log_debug "LOGGING_DATASOURCE not set" - log_debug "Skipping creation of logging data source for Grafana" + log_debug "LOGGING_DATASOURCE not set" + log_debug "Skipping creation of logging data source for Grafana" fi echo "" @@ -325,32 +324,32 @@ get_ingress_ports # get URLs for Grafana, Prometheus and AlertManager -gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") +gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") # pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE") # am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE") set -e # If a deployment with the old name exists, remove it first if helm3ReleaseExists v4m $MON_NS; then - log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace" - helm uninstall -n "$MON_NS" "v4m" + log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace" + helm uninstall -n "$MON_NS" "v4m" fi if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then - log_warn "Unable to update SAS Viya Monitoring Helm chart release" + log_warn "Unable to update SAS Viya Monitoring Helm chart release" fi # Print URL to access web apps log_notice "" log_notice "GRAFANA: " if [ ! -z "$gf_url" ]; then - log_notice " $gf_url" + log_notice " $gf_url" else - log_notice " It was not possible to determine the URL needed to access Grafana. Note " - log_notice " that this is not necessarily a sign of a problem; it may only reflect an " - log_notice " ingress or network access configuration that this script does not handle." + log_notice " It was not possible to determine the URL needed to access Grafana. Note " + log_notice " that this is not necessarily a sign of a problem; it may only reflect an " + log_notice " ingress or network access configuration that this script does not handle." fi - log_notice "" +log_notice "" #log_notice "" #log_notice "================================================================================" @@ -373,14 +372,12 @@ #log_notice "" if [ "$showPass" == "true" ]; then - # Find the grafana pod - - log_notice " Generated Grafana admin password is: $grafanaPwd" - log_notice " To change the password, run the following script (replace myNewPassword with an updated password):" - log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword" + # Find the grafana pod + + log_notice " Generated Grafana admin password is: $grafanaPwd" + log_notice " To change the password, run the following script (replace myNewPassword with an updated password):" + log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword" fi log_message "" log_notice " Successfully deployed components to the [$MON_NS] namespace" - - ---------- You can reformat the above files to meet shfmt's requirements by typing: shfmt -s -w filename ```